Typically, the victim receives an email that directs them to a website where they're asked to log in. The website is controlled by hackers who then use the credentials to take over an account. In Spears's case, the anonymous troublemakers on 4chan's /b/ bulletin board are claiming credit.

Just one question: Why would the b-tards bother? Online banking accounts have long been a target of phishers, since there's money to be made. But there's no money in Twitter. The service, which lets users post short updates to their friends, doesn't carry advertising, and hasn't figured out a way to charge people. Like Twitter itself, this hacking stunt is good entertainment, but not a clever business.